User Authentication with Graphical Passwords using Hybrid Images and Hash Function

Authenticating users to secure systems is a crucial task for security experts to solve a password problem, where user should able to memorize a password or secret and password should be hard to guess and crack by adversaries. In general, Most of the secure systems were designed with text passwords along with additional factors such as tokens like smart card, mobile device. Text passwords are not resistant to dictionary, brute-force and guessing attacks. This paper proposes a novel graphical password method, which solves the password problem and secure against all password vulnerabilities. Theoretically, graphical passwords are easy to memorize and recall them easily for long term and resistant to dictionary and brute-force search attacks

Download Full-text

User Authentication Into Electronic Health Record Based on Reliable Lightweight Algorithms

Handbook of Research on Cyber Crime and Information Privacy - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-5728-0.ch032 ◽

2021 ◽

pp. 700-738

Author(s):

Mishall Al-Zubaidie ◽

Zhongwei Zhang ◽

Ji Zhang

Keyword(s):

Electronic Health Record ◽

Experimental Analysis ◽

Elliptic Curve Cryptography ◽

Hash Function ◽

User Authentication ◽

Health Record ◽

Patient Records ◽

Related Information ◽

Authentication Schemes ◽

Electronic Health

Supporting a mechanism to authenticate members in electronic health record (EHR) is a fundamental procedure to prevent different threats from penetrating patients' identities/data. Existing authentication schemes still suffer from security drawbacks. Exchanging medical-related information/data between clients and the servers leaves them compromised to breakthrough by intruders as they can transmit over an unreliable environment. To guarantee the protection of patient records, this chapter proposes a new scheme that provides authentication of patients/providers in EHR depending on the legitimate member identities and the device information. The scheme utilizes an elliptic curve cryptography and lightweight hash function to accomplish robust security with satisfying performance. Moreover, it depends on a set of techniques such as multi-pseudonyms to authenticate legitimate members. Additionally, concentrated theoretical and experimental analysis proves that the proposed provides elevated performance and security compared to existing research.

Download Full-text

A Remote User Authentication Scheme Using Strong Graphical Passwords

The IEEE Conference on Local Computer Networks 30th Anniversary (LCN'05)l ◽

10.1109/lcn.2005.16 ◽

2005 ◽

Cited By ~ 4

Author(s):

Wei-Chi Ku ◽

Maw-Jinn Tsaur

Keyword(s):

User Authentication ◽

Authentication Scheme ◽

Graphical Passwords ◽

Remote User Authentication ◽

User Authentication Scheme ◽

Remote User

Download Full-text

User Authentication Scheme for Internet of Things Using Near-Field Communication

International Journal of Reliability Quality and Safety Engineering ◽

10.1142/s0218539320400124 ◽

2020 ◽

Vol 27 (05) ◽

pp. 2040012

Author(s):

Muhammad H. Alharbi ◽

Omar H. Alhazmi

Keyword(s):

Internet Of Things ◽

Private Information ◽

Hash Function ◽

User Authentication ◽

Near Field ◽

Security Analysis ◽

Xor Operation ◽

Different Types ◽

User Authentication Scheme ◽

The Internet Of Things

In the Internet of things (IoT), the user authentication process is becoming more critical with the growing number of the services provided by IoT. Securing access to these services by the user authentication process leads to high security to prevent any attack on the IoT network. The approach keeps the private information secured efficiently and ensuring that only authorized users can access this information. The proposed scheme uses only Chaskey hash function and XOR operation. The security analysis proves that it is immune to different types of attacks. Furthermore, the scheme is faster, lighter on resources and energy consumption compared to other existing schemes. Finally, we compare the proposed scheme to several other existing schemes on several aspects highlighting main differences.

Download Full-text

A study on usability and security features of the Android pattern lock screen

Information and Computer Security ◽

10.1108/ics-01-2015-0001 ◽

2016 ◽

Vol 24 (1) ◽

pp. 53-72 ◽

Cited By ~ 6

Author(s):

Panagiotis Andriotis ◽

George Oikonomou ◽

Alexios Mylonas ◽

Theo Tryfonas

Keyword(s):

Mobile Device ◽

User Authentication ◽

Hard Copy ◽

Security Assessment ◽

Android Application ◽

Content Type ◽

Graphical Passwords ◽

Shoulder Surfing ◽

Survey Results ◽

Future Work

Purpose – The Android pattern lock screen (or graphical password) is a popular user authentication method that relies on the advantages provided by the visual representation of a password, which enhance its memorability. Graphical passwords are vulnerable to attacks (e.g. shoulder surfing); thus, the need for more complex passwords becomes apparent. This paper aims to focus on the features that constitute a usable and secure pattern and investigate the existence of heuristic and physical rules that possibly dictate the formation of a pattern. Design/methodology/approach – The authors conducted a survey to study the users’ understanding of the security and usability of the pattern lock screen. The authors developed an Android application that collects graphical passwords, by simulating user authentication in a mobile device. This avoids any potential bias that is introduced when the survey participants are not interacting with a mobile device while forming graphical passwords (e.g. in Web or hard-copy surveys). Findings – The findings verify and enrich previous knowledge for graphical passwords, namely, that users mostly prefer usability than security. Using the survey results, the authors demonstrate how biased input impairs security by shrinking the available password space. Research limitations/implications – The sample’s demographics may affect our findings. Therefore, future work can focus on the replication of our work in a sample with different demographics. Originality/value – The authors define metrics that measure the usability of a pattern (handedness, directionality and symmetry) and investigate their impact to its formation. The authors propose a security assessment scheme using features in a pattern (e.g. the existence of knight moves or overlapping nodes) to evaluate its security strengths.

Download Full-text

Evaluation of Recognition-Based Graphical Password Schemes in Terms of Usability and Security Attributes

International Journal of Electrical and Computer Engineering (IJECE) ◽

10.11591/ijece.v6i6.11227 ◽

2016 ◽

Vol 6 (6) ◽

pp. 2939

Author(s):

Touraj Khodadadi ◽

A.K.M. Muzahidul Islam ◽

Sabariah Baharun ◽

Shozo Komaki

Keyword(s):

User Authentication ◽

User Studies ◽

Research Review ◽

Critical Component ◽

Success Rates ◽

Graphical Password ◽

Graphical Passwords ◽

Single Method ◽

The Common ◽

Comparison Table

<p>User Authentication is a critical component in information security. Several widely used mechanisms for security to protect services from illegal access include alphanumerical usernames passwords. However, there are several drawbacks attached in this method. For instance, the users themselves usually those passwords that are easy to guess. As difficult passwords are difficult to recall. A new alternative is the graphic-based password and there has been a growing trend in the use of such a password. The human psychology study reveals that humans find it easier to remember pictures as opposed to words. There are two main aspects to the graphical password scheme, namely security and usability. This study comprises of a comprehensive research in the current Recognition-Based graphical password schemes. The common usability attributes and possible attacks on the Recognition-Based graphical password are reviewed, identified and examined in detail. There are several previous surveys on the graphical passwords. The latest research review and summarize graphical password systems concisely and at the same time, analyze usability features for every design. However it was found that there is not a single method that has the most resounding usability attributes. Therefore, this research suggests a set of usability attributes that can be applied into a single Recognition-Based graphical password system. In addition, this study examines and compares success rates on login, login time and memorability of existing systems which are the usability measures most often reported in user studies of graphical passwords. Lastly, a comparison table is revealed to put forth the limitations and strengths of each approach in terms of security and usability.</p>

Download Full-text

A Security Improved Remote Password Authentication Scheme Using Smart Card

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.317-319.1791 ◽

2011 ◽

Vol 317-319 ◽

pp. 1791-1796

Author(s):

Chao Jing

Keyword(s):

Smart Card ◽

Hash Function ◽

User Authentication ◽

Authentication Scheme ◽

Password Authentication ◽

Network Applications ◽

User Authentication Scheme ◽

Rsa Cryptography

Increasing number of network applications require authentication of the user's identity which is the first step to ensure security. This paper analyzes the security performance of one proposed remote two-factor user authentication scheme and discusses the attacks it suffers. Then we propose an improved scheme based on the RSA cryptography and one-way secure hash function to avoid the attacks it suffers. After that we prove the proposed scheme is autonomous and effective for both sides in the authentication process.

Download Full-text